Sample Cybersecurity Policy

  • Scott E. Donaldson
  • Stanley G. Siegel
  • Chris K. Williams
  • Abdul Aslam

Abstract

A successful enterprise cybersecurity program begins with policy that is unambiguous, well organized, well maintained, and that balances the enterprise's security needs against its business priorities. It is important to organize this policy so that it is easy to write, understand, and maintain over time. Cybersecurity policy establishes the foundation upon which the enterprise’s cybersecurity program is built, and represents a contract between the enterprise’s cybersecurity practice and the business. Through cybersecurity policy, the business and cybersecurity agree on the ways and extents to which cybersecurity will be used in the business to practically implement and enforce protections of intellectual property and information system assets.

Keywords

Entropy Pyramid 

Copyright information

© Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams, and Abdul Aslam 2015

Authors and Affiliations

  • Scott E. Donaldson
    • 1
  • Stanley G. Siegel
    • 1
  • Chris K. Williams
    • 1
  • Abdul Aslam
    • 1
  1. 1.VAUnited States

Personalised recommendations